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DETAILED ACTION 

Claim Rejections - 35 USC § 102 

1. The following is a quotation of the appropriate paragraphs of 35 
U.S.C. 102 that form the basis for the rejections under this section made in this Office 
action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

2. Claims 1-21 are rejected under 35 U.S.C. 102(e) as being anticipated by 
Eldridge et al (US 6,51 5,988). 

a. Referring to claim 1: 

i. Eldridge teaches: 

(1 ) a display for displaying data to be digitally signed [i.e., 
the portable device is preferably a handheld or wristwatch computer with a 
graphical display for enabling the user to transfer tokens, and the fixed devices 
preferably Include a scanner/copier/printer having Its own IR transceiver, wherein 
the token contains a string or Icon which can be displayed to identify the 
document or service to which the token refers for the benefit of the user (column 
2, lines 40-42 and abstract)]; 

(2) a transducer for receiving the user authorization 
information and for providing user authorization data based thereon [i.e., the security 
information includes a digital signature of the information in the token. The 
digital signature is a digest of information in the token and its encryption with the 
document owner's private key. These signatures can only be generated by the 
personal portable device since only it has the private key. The signature ensures 
the integrity of the token and attests that the token did originate from a known 
portable device (column 2, lines 47-56)]; and 
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(3) a processor for providing data based on an electronic 
docunnent for digitally being signed to the display in a secure fashion such that the 
displayed data is known to be based upon the electronic docunnent, for receiving the 
user authorization data, for verifying the user authorization data against stored tennplate 
data, and for digitally signing the electronic document upon determining that the user 
authorization data is provided from an authorized user [i.e., accordingly, Eldridge's 
invention provides a method for supporting a wide range of digital applications 
that can be carried out in a data processing device that includes a processor, 
memory, and a user interface. In response to user input, the data processing 
device can generate a token comprising an operation component designating a 
document related operation (e.g. single sided or double sided print command), an 
address component designating the electronic address of a document or system 
providing a document related service, one or more parameter components, each 
parameter component defining a property of a document or a property of a 
service to be applied to a document, and a security parameter dependent upon 
the identity of a user associated with a document or with a document related 
service. This token is transmitted to another device (e.g. the network printer), 
which can check security, parameters, and modify its default operations in 
response to user input to the data processing device (column 1, lines 50-67)], 

(4) wherein the processor provides the data based on the 
electronic document to the display for review prior to digitally signing the electronic 
document [I.e., referring to Figure 3A, the components (32, 34, 342, 344, 36, 38, 
382-389) of the general form of the satchel token 30 are schematically illustrated. 
All the components (32, 34, 342, 344, 36, 38, 382-389) taken together form a 
Satchel Token general 30. They are stored inside a user's PDA 2 (but they can 
also be stored in user's personal computers/workstations) as small packets 
having the structure indicated in FIG. 3. They are taken out of this form and 
linearised (made into a straight linear sequence of ASCII characters) when 
needed. This can be done for two reasons: (i) so that a token can be transported 
through some communications medium (wired or wireless) and (ii) so that the 
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token as a whole can be taken as a linear sequence of ASCII characters for 
secure hashing and then digital signing operations to form the token's digital 
signature component (column 6, lines 33-47)]. 

b. Referring to claim 2: 

i . Eldridge further teaches: 

(1) wherein the display, the transducer, and the 
processor are disposed within a same secure housing [I.e., Figures 5 and 6 show a 
portable computing device which includes a display, a processor, user 
authentication, and user interface]. 

c. Referring to claim 3: 

i . Eldridge further teaches: 

(1) wherein the secure housing fornns part of a personal 
digital assistant housing [i.e.. Figure 2 shows a portable computing device, such as 
personal digital assistants (PDAs), handheld PCs, or pocket or wristwatch 
computers (column 5, lines 26-28)]. 

d. Referring to claims 4, 5. 13. 14. 15, and 16: 

i. These claims have limitations that is similar to those of claim 
1 (4), thus they are rejected with the same rationale applied against claim 1 (4) above. 

e. Referring to claims 6. 7. and 8: 

i. These claims have limitations that is similar to those of claim 
1 (2), thus they are rejected with the same rationale applied against claim 1 (2) above. 

f. Referring to claim 9: 

i. Eldridge further teaches: 

(1) non-volatile storage including executable instructions 
stored therein for performing functions associated with a personal digital assistant [i.e., 
data processing device that includes a processor, memory (that is a ''non-volatile 
storage"), and a user interface (column 1, lines 52-53)]. 

g. Referring to claim 10: 

i. This claim has limitations that is similar to those of claim 9, 
thus it is rejected with the same rationale applied against claim 9 above. 
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h. Referring to claim 1 1: 

i. This claim has limitations that is similar to those of claim 1, 
thus it is rejected with the same rationale applied against claim 1 above. 

i. Referring to claims 12 and 18: 

i. These claims have limitations that is similar to those of claim 
2, thus they are rejected with the same rationale applied against claim 2 above, 
j. Referring to claim 17: 
i. Eldridge teaches: 

(1) providing the electronic document to a secure 
processor [i.e., tokens which include security information are presented to "secure 
documents servers" (column 3, lines 11-12)]; 

(2) displaying data based on the electronic document, the 
data provided from the processor to a display along a secure communication path 
therebetween [i.e., accordingly, the present Invention provides a method for 
supporting a wide range of digital applications that can be carried out in a data 
processing device that includes a processor, memory, and a user Interface. In 
response to user Input, the data processing device can generate a token 
comprising an operation component designating a document related operation 
(e.g. single sided or double sided print command), an address component 
designating the electronic address of a document or system providing a 
document related service, one or more parameter components, each parameter 
component defining a property of a document or a property of a service to be 
applied to a document, and a security parameter dependent upon the identity of a 
user associated with a document or with a document related service. This token 
is transmitted to another device (e.g. the network printer), which can check 
security, parameters, and modify its default operations In response to user Input 
to the data processing device (column 1, lines 50-67)]; 

(3) receiving authorization data [I.e., each portable 
device Is in effect a user's personal satchel for documents, with the devices being 
programmed to receive, transmit, and store document identifiers (e.g. World Wide 
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Web URLs), each of which is associated with an electronic document stored in an 
electronic repository at a site on the web (column 1, lines 29-35)]; and 

(4) when the authorization data is indicative of an 
authorization to digitally sign the displayed data, digitally signing the electronic 
document to provide a signed docunnent [i.e., referring to Figure 3A, the components 
(32, 34, 342, 344, 36, 38, 382-389) of the general form of the satchel token 30 are 
schematically illustrated. All the components (32, 34, 342, 344, 36, 38, 382-389) 
taken together form a Satchel Token general 30. They are stored Inside a user's 
PDA 2 (but they can also be stored in user's personal computers/workstations) as 
small packets having the structure indicated in FIG. 3. They are taken out of this 
form and linearised (made into a straight linear sequence of ASCII characters) 
when needed. This can be done for two reasons: (i) so that a token can be 
transported through some communications medium (wired or wireless) and (ii) so 
that the token as a whole can be taken as a linear sequence of ASCII characters 
for secure hashing and then digital signing operations to form the token's digital 
signature component (column 6, lines 33-47)]. 

k. Referring to claim 19: 

\, This claim has limitations that is similar to those of claim 1 
(3), thus it is rejected with the same rationale applied against claim 1 (3) above. 

I. Referring to claim 20: 

i. This claim has limitations that is similar to those of claim 14, 
thus It is rejected with the same rationale applied against claim 14 above. 

m. Referring to claim 21: 

i . Eldridge further teaches: 

(1) wherein any instructions in execution on the 
processor is secure software that is verified by a secure entity [i.e., a secure server 
contains a "gatekeeper" which verifies signatures on tokens and examines the 
specified conditions associated with the token and then acts accordingly (e.g. 
encrypting the document with the appropriate key) (column 3, lines 12-16)]. 

Claim Rejections - 35 USC § 102 
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3. The following is a quotation of the appropriate paragraphs of 35 
U.S.C. 102 that form the basis for the rejections under this section made in this Office 
action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

4. Claim 1, 11, and 17 are rejected under 35 U.S.C. 102(b) as being 
anticipated by Smithies et a! (US 5,818,955). 

a. Referring to claim 1: 

i. Smithies teaches: 

(1 ) a display for displaying data to be digitally signed [i.e., 
the client application presents the required information to a signature capture 
module 4 (also called a signature capture service), which in turn requests that a 
user sign his or her signature using the appropriate hardware devices, such as, 
for example, a combination of a pen/digitizer and display 8 (column 7, lines 38- 
42)]; 

(2) a transducer for receiving the user authorization 
information and for providing user authorization data based thereon [i.e., the signature 
capture module 4 and the signature verification module 6 utilize a set of APIs 
(Application Program Interfaces) to permit the incorporation of signature capture 
and verification into many different applications, e.g., 2a and 2b. Applications 
can determine the context for each signature and the criteria for signature 
verification thresholds, (column 8, lines 8-13)]; and 

(3) a processor for providing data based on an electronic 
document for digitally being signed to the display in a secure fashion such that the 
displayed data is known to be based upon the electronic document, for receiving the 
user authorization data, for verifying the user authorization data against stored template 
data, and for digitally signing the electronic document upon determining that the user 
authorization data is provided from an authorized user [i.e., in the representative 
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embodiment, the signature capture module 4 requires the availability both of a 
graphical display device and a digitizer. Under both Windows for Pen Computing 
and Pen for OS/2, any graphical display device supported by the operating 
system may be used, for example, Wacom, Calcomp, Kurta, etc. In addition, the 
computer processor can be any pen-based computer supporting either of these 
operating systems, such as, for example, Compaq's Concerto computer or IBM's 
P-Series Thinkpad computer (column 8, lines 22-31)], 

(4) wherein the processor provides the data based on the 
electronic document to the display for review prior to digitally signing the electronic 
document [i.e., referring to Figure 3A, the client application 2 may supply to the 
signature capture module 4 an identification of the document being signed and/or 
the reason why (or importance of) the document being signed. This information 
is the gravity prompt 22. In the representative embodiment, the gravity prompt 22 
is displayed to the user in the signature capture window 20. This allows the user 
to make sure that the document being signed is the one that the user believes he 
or she is signing, and moreover, alerts the user to reason for and the gravity of 
the act of signing (column 10, lines 57-66)]. 

b. Referring to claim 1 1: 

i. This claim has limitations that is similar to those of claim 1, 
thus it is rejected with the same rationale applied against claim 1 above. 

c. Referrino to claim 1 7: 

i. Smithies teaches: 

(1) providing the electronic document to a secure 
processor [i.e., the signature capture module encrypts data representing, inter 
alia, the act-of-signing statistics, the time and date of signing, the claimed identity 
of the signer, the words that appear in the gravity prompt, the document 
checksum, and optionally, data representing a graphic image of the signature. 
The signature capture module creates a signature envelope that comprises this 
encrypted data. In the representative embodiment, the signature envelope is an 
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encrypted string of data. Accordingly, the signature envelope is a secure way to 
represent the inscription event (column 4, lines 52-61)]; 

(2) displaying data based on the electronic document, the 
data provided from the processor to a display along a secure communication path 
therebetween [i.e., the client application presents the required information to a 
signature capture module 4 (also called a signature capture service), which in 
turn requests that a user sign his or her signature using the appropriate hardware 
devices, such as, for example, a combination of a pen/digitizer and display 8 
(column 7, lines 38-42). The signature verification module and template database 
may be located at a remote location, accessible by many client applications. For 
example, the signature verification module and template database may be located 
at a central independent signature verification bureau, in an alternative 
embodiment, the signature verification module and template database are located 
upon the local system, accessible by the client application when necessary 
(column 5, lines 6-15)]; 

(3) receiving authorization data [i.e., signature capture 
module is for capturing and/or receiving a handwritten signature(see Figure 1)]; 

and 

(4) when the authorization data is indicative of an 
authorization to digitally sign the displayed data, digitally signing the electronic 
document to provide a signed document [i.e., referring to Figure 3A, the client 
application 2 may supply to the signature capture module 4 an identification of 
the document being signed and/or the reason why (or importance of) the 
document being signed. This information is the gravity prompt 22. In the 
representative embodiment, the gravity prompt 22 is displayed to the user in the 
signature capture window 20. This allows the user to make sure that the 
document being signed is the one that the user believes he or she is signing, and 
moreover, alerts the user to reason for and the gravity of the act of signing 
(column 10, lines 57-66)]. 

Conclusion 
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5. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

a. Beard (US 5, 867, 821) discloses a method and apparatus for 
transaction verification is provided. An acoustic signature of a transaction executioner 
is captured and electronically saved as a digital signature file, (see abstract). 

Any inquiry concerning this communication or earlier 
communications from the examiner should be directed to Thanhnga (Tanya) Truong 
whose telephone number is 703-305-0327. 

If attempts to reach the examiner by telephone are unsuccessful, 
the examiner's supervisor, Kim Vu can be reached at 703-305-4393. The fax and 
phone numbers for the organization where this application or proceeding is assigned is 
703-872-9306. 

Any inquiry of a general nature or relating to the status of this 
application or proceeding should be directed to the receptionist whose telephone 
number is 703-305-3900. 

TC 2100 will be moved to Carlyle in October 2004, the new 
telephone number for TC 2100 receptionist is 571-272-2100. In October 2004, any 
inquiry concerning this communication should be directed to Thanhnga (Tanya) Truong 
whose new telephone number is 571-272-3858, and the examiner's supervisor, Kim Vu 
can be reached at 571-272-3859. 
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